Microsoft Entra Identity Lifecycle, Access Governance & Zero Trust Lab
A reproducible IAM portfolio lab that demonstrates how identities receive, accumulate, lose, and recover access through automated lifecycle controls, investigation, and verified remediation.
The dashboard is generated from real local automation using deterministic synthetic identities. A separate reversible extension was executed in an authorized Microsoft Entra tenant using disabled synthetic users and groups.
Northstar Health Systems is a fictional healthcare technology company that needs reliable identity lifecycle and access governance. I built a local digital twin using SQLite, Python, PowerShell, and configuration-as-data, then added a reversible authorized Entra extension for live user and group operations.
Evidence boundary: Local automation is labeled Implemented Locally. The live user/group scenario is labeled Implemented in Authorized Tenant/Lab. Premium controls unavailable in the Entra Free tenant remain Designed for Entra and are never presented as deployed.
Automated tests: 7 passing
CI: GitHub Actions passing
Execution modes: Local + authorized Entra
Live objects: Disabled synthetic identities and security groups
Business value: The project shows how an IAM analyst can translate an HR event into controlled access, identify a failed mover workflow, explain the risk to stakeholders, remediate the entitlement, and prove that the identity is compliant.