Skip to content

Instantly share code, notes, and snippets.

View christothes's full-sized avatar

Christopher Scott christothes

40 followers · 28 following
View GitHub Profile
@christothes
christothes / backup-sample.md
Last active October 12, 2020 16:29
Backup/Restore-sample

Backup Restore Key concepts

Full Backup

Create a full backup of the entire contents of the Managed HSM including all keys, versions, attributes, tags, and role assignments. The backup is encrypted with cryptographic keys associated with the HSM's security domain.

Full Restore

Completely restore the contents of the Managed HSM with a previous backup, including all keys, versions, attributes, tags, and role assignments. Everything currently stored in the HSM will be wiped out, and it will return to the same state it was in when the source backup was created.

Selective Restore

Selectively restore just one key from a Managed HSM backup in blob storage. Only key material (all versions), tags, attributes, and key level role assignments are restored.

@christothes
christothes / rbac-sample.md
Last active July 9, 2020 13:48
RBAC Sample

RBAC Key concepts

RoleDefinition

A RoleDefinition is a collection of permissions. A role definition defines the operations that can be performed, such as read, write, and delete. It can also define the operations that are excluded from allowed operations.

RoleDefinitions can be listed and specified as part of a RoleAssignment.

RoleAssignment.

A RoleAssignment is the association of a RoleDefinition to a service principal. They can be created, listed, fetched individually, and deleted.

@christothes
christothes / generalized-rbac.md
Last active June 18, 2020 23:34

Proposal for generalized RBAC for management and data planes

RoleAssignmentScope and RoleAssignmentPermission:

All contained within RBAC. Implicit cast to string, so that scope remains a string arg. RoleAssignmentScope itself can go to Core and maintain the global inventory of scopes?

Permissions can go the same way. Ideally each service swagger would express its permissions as extensible enum in swagger

@christothes
christothes / _MoqExtensions.cs
Last active February 8, 2022 15:35
Moq extension inspired by https://gist.github.com/7Pass/1c6b329e85ca29071f42. Allows mocks to be setup with all args as default without having to type out each one in the Setup.
public static class MoqExtensions
{
public static ISetup<T, TResult> SetupDefaultArgs<T, TResult>(this Mock<T> mock, string methodName)
where T : class
{
var method = typeof(T).GetMethod(methodName);
if(method == null)
{
throw new ArgumentException($"No method named '{methodName}' exists on type '{typeof(T).Name}'");
}
@christothes
christothes / gist:6992580
Created October 15, 2013 14:38
Sample of taking some text and extracting tokens wrapped in {{ }} with regex. JSFiddle: http://jsfiddle.net/2c5LC/2/
var mail = "this is a mail with some {{special}} strings. Some of these {{special}} strings should be replaced with a {{someValue}}."
var pattern = /\{\{([\w]*)\}\}/g;
var match;
while((match = pattern.exec(mail)) !==null){
console.log(match);
console.log('match: ' + match[0] + ' at index :' + match.index);
console.log('capture: ' + match[1]);
}