A Cup Of Matcha 8
There’s a thin line between research and procrastination. Or maybe a big grey area. Anyway, erm, lots of links this week.
First, identity management:
- European Digital Identity Wallets: Commission publishes first technical Toolbox towards prototypes I still believe this is a dead end, but maybe I’m wrong.
- Avoiding an Identity Crisis: An Identity and Access Management Competency Model PhD paper by ID Pro member Ken Myers
- Loud Men Talking Loudly IETF is the case study but this phenomena is still the norm
- Awesome IAM Not quite the Awesome List I was after (it’s mostly principles, policy and practices) but still awesome
- Hackers stole passwords of Worldcoin Orb operators The “crypto” world’s incompetence continues
- Aliaste sulgemine Estonia is no longer going to give all citizens an email alias address, which is sad - but apparently they weren’t being used.
Amazon is open-sourcing its Cedar ACL policy language. There are already existing, well established alternatives (Permify and Ory spring to mind) but Amazon’s market dominance and use of Cedar for its own services make this A Big Deal - knowing how to use Cedar is going to be a key skill for cloud engineers. It’s also rather impressive.
- Cedar Language All about the Cedar policy language
- edar-agent An open source service that uses Cedar
- Open Policy Agent Or you could use Rego instead
- Opal or Cedar and Rego
- Opal-fetcher-Postgres and store policies in Postgresql
- Permify Or of course Permify/Zanzibar is already around
- Ory or Ory
I’m considering starting my own Awesome list on IAM tech (skewed towards federation and HE)
- The Awesome Side of GitHub - Awesome Lists
- Awesome an awesome list of awesome lists
- Generator this seems completely unnecessary
- The awesome manifesto but this doesn’t
I almost used Crystal for something useful last week but it lacked a library (“shard”) to do something I can’t write myself. This is a shame - it looks like a great language and the standard library looks very good - it even has good XML support built in. But sadly not XMLSec.
The microservices vs monoliths debate continues. I actually tend to write backend services that are neither microservices or monoliths, just old fashioned middleware services.
- Monoliths are not dinosaurs
- RabbitMQ in Microservice Architecture
- Monolith vs Microservices: With Elixir You Don’t Need to Choose
- Implementing and Designing Microservices
I am looking for a static website builder, and Bridgetown looks good:
- Bridgetown Looks nicer than Jekyll
- Bridgetown Cards I like this hint sharing site too
- Let’s make a blog with Bridgetown Bridgetown tutoral
Various other tech links from last week:
- Uptime Guarantees — A Pragmatic Perspective Nines.
- Cal “The open-source Calendly alternative”
- Cloud Storage for HE best practices
- Why we used open-source software to build Cockpit Free monitoring dashboard from Scaleway
- autocannon Fast Node-based HTTP benchmarking/load testing
- ink-ui Nice CLI UI (TUI) elements for JS
- The 2023 Developer Survey is now live! Doooo iiiiit
- Agentize Wrapping up data into agents in Elixir
- Upload Encrypted Files to S3 Nice way to encrypt user files on S3 / B2
- Build your own private WireGuard VPN with PiVPN Wireguard on a Pi
- Quickwit Another new search engine
- How LinkedIn Adopted A GraphQL Architecture GraphQL at LinkedIn
- How to manage your technical backlog Alternatives to procrastination I suppose
Finally a few odder things
- Warp AI The Warp terminal for MacOS now has an AI assistant that, gods help me, is actually useful
- SubTLS Watch a page load itself over TLS, with all the technical bits visible and explained
- GoblinTools AI-assisted tools for everyday things.
- Hangul word of the day Korean reading and vocab extension for Chrome