Jump to navigation Jump to content

Speaker

Andreas Grimm

Andreas Grimm

Serverless, Identity & Access Management, Domain-Driven Design, Meetup Organizer

Berlin, Germany

Actions

Andreas is an expert in Identity & Access Management and a proponent of the serverless methodology.
Because getting to a shared understanding with the business is more important than technical solutions, he's into approaches like Domain-Driven Design and Collaborative Modeling.
He's from the community for the community and organizes several meetup groups in Berlin like @DDDBER, @fullstack_JS and @ServerlessBER.

Twitter: @_andreasgrimm

Links

Area of Expertise

  • Information & Communications Technology
  • Business & Management

Topics

  • Serverless
  • Identity and Access Management
  • Domain-Driven Design
  • EventStorming
  • CQRS
  • EventSourcing
  • Edge Computing
  • Cloudflare Workers
  • microservices
  • FaaS
  • Authentication
  • Authorization
  • OAuth2
  • OpenID Connect

Sessions

Serverless Auth and Secrets Management

For your business it is more important than ever to protect applications, services and customer data from attackers. If you want to stay competitive, knowing how to efficiently and easily apply security and auth while being aware of the most common pitfalls is key in today's serverless world.

Traditional machine-to-machine auth approaches where you can rely on a statefull environment fall short in a modern serverless and thus stateless world. With this talk you’ll make an important step towards public-cloud-readiness and a future-proof "Zero Trust" architecture. After a short recap of some auth fundamentals, you'll learn how to efficiently apply authentication to each, AWS cloud & Azure cloud, using the managed Identity Provider Auth0, OAuth 2, JsonWebToken (JWT) and a serverless secrets management system.

- Preferred duration: 45 mins OR 60 mins
- Level: Beginner and Intermediate
- Target audience: everyone interested in serverless and security
- Tags/Keywords: Serverless, Security, Identity & Access Management, Authentication, Authorization, OAuth 2, Role-Based Access Control, Zero Trust, Secrets Management, Auth0, AWS, Azure

Serverless is DevOps 2.0

These days every company has products that are serverless it seems and more and more developers want to use cutting-edge technologies like Functions-as-a-Service and fully managed cloud services. Blinded by the newest shiny toys, once more we seem to ignore the most important part of DevOps.
In this talk we look beyond the hype and see what serverless really is about. By learning about terms like "Time To Market" and "Total Cost of Ownership", developers can talk to business people at eye level using the same language. Knowing about different collaborative modeling approaches leads to the shared understanding needed to build "the right thing". Modern serverless CI/CD and observability tools help to improve the continuous delivery of value to the users. We'll see that in the end it's all about people and not so much about technology and eventually how serverless changes the current state of DevOps.

- Preferred duration: 45 mins
- Minimum duration: 25-30 mins
- Level: Beginner
- Target audience: everyone that cares about people and the business
- Tags/Keywords: Serverless; Continuous Delivery; Organizations; People;

Securing Serverless Apps, APIs & Microservices (using Infrastructure as Code)

By learning and applying current security best practices you'll make an important step towards public-cloud-readiness and a future-proof "Zero Trust" architecture.
After the workshop you'll have created a production-ready, secure and GDPR-compliant setup that you can easily build upon and extend.
For that we'll use the Identity Provider Auth0, Azure Functions and the secrets management system Azure Key Vault but the concepts can easily be applied to other vendors' products.

You will learn:
- Fundamentals of modern Authentication & Authorization with OAuth 2 & OpenID Connect
- Secure a serverless API
- Access a secured API from a browser-based (Angular) web application
- Access a secured API from within a serverless microservice
- Apply RBAC (Role Based Access Control)
- Completely automated deployment of App, APIs and Identity Provider configuration using IaC (Infrastructure as Code)

- Participants will need a chair and a table to put their laptops on
- Participants will need WiFi
- Preferred duration: full day
- Minimum duration: half a day
- Level: Beginner and Intermediate
- Target audience: everyone interested in serverless and security
- Tags/Keywords: Serverless, Security, Identity & Access Management, Authentication, Authorization, OAuth 2, OpenID Connect, JWT, Role-Based Access Control, Zero Trust, Secrets Management, Auth0, Azure, Azure Functions, Azure Key Vault, TypeScript, Zero Trust Networks

Events

Above Clouds 2020 Sessionize Event

May 2020 Zagreb, Croatia

microXchg 2019 Sessionize Event

April 2019 Berlin, Germany

Andreas Grimm

Serverless, Identity & Access Management, Domain-Driven Design, Meetup Organizer

Berlin, Germany

Links

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top