Building a Minimal, Repeatable Cloud and Identity Security Lab Environment

Summary

This portfolio demonstrates the design and operation of a lightweight, reproducible cloud security lab environment focused on identity and access management within Microsoft Azure and Entra ID. The environment is not treated as a generic “lab setup”, but as an operational testing space for understanding authentication behaviour, access control decisions, and identity-driven system activity under realistic constraints.

The objective is to build evidence of practical capability in identity security through repeatable, controlled experimentation rather than isolated tool usage.


Lab Environment Design Decisions

The environment is built on WSL2 with Ubuntu 24.04 to prioritise stability, speed, and reproducibility over infrastructure complexity. This choice was driven by repeated limitations observed in traditional virtual machine setups, where resource consumption and system overhead directly reduced the ability to run consistent identity-focused investigations.

By moving to a lightweight Linux subsystem integrated into Windows, the lab reduces operational friction and allows more time to be spent on analysis rather than environment maintenance. This design also reflects a key constraint in real cloud security work: working efficiently within platform-imposed limits.

Where system-level constraints exist (such as restricted service behaviour in WSL2), these are documented rather than bypassed, reinforcing an understanding of how platform architecture affects security telemetry and investigative capability.


Identity and Access Management Focus

The core focus of this lab is identity behaviour within Azure-based environments, particularly through the lens of Microsoft Entra ID. The work is centred on understanding how authentication events are generated, how access decisions are evaluated, and how identity state changes are reflected across system outputs.

Instead of treating identity as a theoretical concept, the lab examines it as observable system behaviour. This includes interpreting login outcomes, analysing access patterns, and understanding how identity-related signals appear in cloud environments under different conditions.

This approach builds practical familiarity with how identity systems behave in enterprise environments rather than just how they are configured.


Workflow and Investigation Structure

Each investigation follows a consistent structure designed to support reproducibility and reduce ambiguity in analysis. The process begins with establishing a known baseline state, followed by observation of identity or system events, structured interpretation of those events, and finally documentation of outcomes in a repeatable format.

Automation and scripting are introduced where they reduce manual overhead in processing identity or system data. The emphasis is not on tool variety, but on ensuring that outputs can be consistently reproduced and validated.

This structured workflow mirrors the expectations of operational cloud security environments, where repeatability and clarity of investigation are more valuable than ad-hoc experimentation.
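The baseline, observe, interpret, document sequence described above can be sketched as a small script. This is an added example, not code from the portfolio: the records are constructed, the field names follow the Microsoft Graph `signIn` resource, and the function names are hypothetical.

```python
import hashlib
import json

def ev(upn, app, ip, code=0, ca="notApplied"):
    """Build one constructed record shaped like a Graph signIn entry."""
    return {"userPrincipalName": upn, "appDisplayName": app, "ipAddress": ip,
            "status": {"errorCode": code}, "conditionalAccessStatus": ca}

# Constructed sample data: documentation IP ranges and a reserved .example domain.
BASELINE = [ev("alice@lab.example", "Azure Portal", "203.0.113.10", ca="success"),
            ev("bob@lab.example", "Microsoft Graph", "203.0.113.11")]
OBSERVED = [ev("alice@lab.example", "Azure Portal", "203.0.113.10", ca="success"),
            ev("alice@lab.example", "Azure Portal", "198.51.100.7", code=50126),
            ev("bob@lab.example", "Azure Portal", "203.0.113.11", code=53003, ca="failure")]

def build_baseline(events):
    """Step 1: record the (app, IP) pairs each user successfully signed in with."""
    known = {}
    for e in events:
        if e["status"]["errorCode"] == 0:
            known.setdefault(e["userPrincipalName"], set()).add(
                (e["appDisplayName"], e["ipAddress"]))
    return known

def interpret(event, known):
    """Step 3: label how one observed event deviates from the baseline."""
    seen = known.get(event["userPrincipalName"], set())
    findings = []
    if event["appDisplayName"] not in {app for app, _ in seen}:
        findings.append("new_app")
    if event["ipAddress"] not in {ip for _, ip in seen}:
        findings.append("new_ip")
    if event["status"]["errorCode"] != 0:
        findings.append(f"failed:{event['status']['errorCode']}")
    if event.get("conditionalAccessStatus") == "failure":
        findings.append("ca_blocked")
    return findings

def investigate(baseline_events, observed_events):
    """Steps 2-4: scan observed events, keep deviations, emit a stable report."""
    known = build_baseline(baseline_events)
    rows = [{"user": e["userPrincipalName"], "app": e["appDisplayName"],
             "ip": e["ipAddress"], "findings": f}
            for e in observed_events if (f := interpret(e, known))]
    # Sort and serialise canonically so the same input always gives the same digest.
    rows.sort(key=lambda r: (r["user"], r["app"], r["ip"], r["findings"]))
    body = json.dumps(rows, sort_keys=True)
    return rows, hashlib.sha256(body.encode()).hexdigest()

if __name__ == "__main__":
    rows, digest = investigate(BASELINE, OBSERVED)
    print(json.dumps(rows, indent=2))
    print("report sha256:", digest)
```

Recording the digest alongside the written findings lets a later rerun on the same exported events confirm that the analysis output has not changed.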


Technical Competencies Demonstrated

This lab demonstrates applied capability in identity and access management within Azure environments, interpretation of authentication behaviour and access outcomes, structured investigation of system-level identity events, design of reproducible cloud-adjacent lab environments, and use of scripting to support repeatable analysis workflows.

The emphasis is on applied understanding of identity systems as operational components rather than abstract services.


Professional Relevance

This work reflects the analytical and operational thinking required in identity-focused cloud security roles, particularly within Microsoft Entra ID environments. It demonstrates the ability to work within constrained technical environments, make deliberate design decisions, and structure investigations in a repeatable and verifiable manner.

The focus on identity behaviour analysis and controlled experimentation aligns with expectations for early-career cloud security and identity and access management roles.


Outcome

The result is a stable and lightweight identity-focused cloud security lab environment designed for structured investigation and repeatable analysis. It supports practical development of skills in authentication analysis, access behaviour interpretation, and identity system understanding within Azure environments, forming a foundation for progression into identity-centric cloud security roles.