Skip to main content

Posts

Demystifying system-assigned managed identity and user-assigned managed identity for Azure Resources

Recent posts

[Post Event] Winter ITCamp Community Event – Cluj-Napoca, 2019

This week we had a great local ITCamp Community event in Cluj-Napoca. The event was supported by Micro Focus and Transilvania Cloud and more than 50 people joined the event.
We had 3 sessions where we talk about KEDA, running Windows Services inside Docker and what a developer shall be aware of when security and cloud meet. I had the opportunity to talk about the last subject - Cloud Security Fundamentals - Developer View. The topic is complex because it is hard to separate automation and infrastructure from development inside a cloud project. The lines are thin and sometimes very grey.

You can find more about my bellow.
Title: Cloud Security Fundamentals - Developer View
Abstract: Do you want to improve cloud security? I thought so. Then why not join this session and build your fundamentals knowledge related to cloud security from a developer perspective. We have a lot of demos and hands-on expertise from Microsoft Azure and AWS.
Slides:

Cloud Security Fundamentals - Developer View from

Implementing an ETL process in AWS and Azure that fetch data from FTP

Have you ever had to automate the data ingestion from an FTP (SFTP) to cloud? The challenge is not to read data from an (S)FTP. The challenge is to do this reliably with minimal investment. In an ideal world, you would go with an approach where you would use an ETL or orchestration solution provided by the cloud. The reality is that you don’t have cloud services that are fully integrated with (S)FTP. On top of this, you need to fight with the network connectivity that might not be so reliable as you think.
Let’s see how we can design a solution that: 1.Access (S)FTP content that it is on-premises2.Process and transform the data 3.Push the content to a MySQL database and updates a cache.
The requirements are specific to an ETL process, where we need to extract data from a repository, transform the data and store it inside the database.
Running the solution on Microsoft Azure The first Microsoft Azure service that we should take into account is the Azure Data Factory. It is an ETL serv…

How to get better price of Azure resources for DEV and TEST environments

How often are do you estimate the running cost of DEV, TEST, PRE-PROD, PROD environment?  I assume that at least one time. How often your customers are complaining that the cost of NON-PROD environment is too high or should be reviewed?  Every sprint or new release I assume. One of the biggest mistakes done by teams that are working with Microsoft Azure is forgetting about Azure Dev/Test offer. Microsoft is offering high discounts for Azure resources that are used for Development or Testing scenarios.
Case study For an enterprise application, we use to have the following environment configuration AppService | S2 Standard TierAzure SQL Database | General Purpose, Gen 5, 2 vCoreAzure CosmosDB | 8 RUBlob Storage | Standard  The normal total cost of DEV environment per month is around $980. Adding the testing one, the total cost is around $1860. Additional to this there is another subscription, where teams have the ability to create temporary resources to test or to some integrations. In tot…

Azure Tools - Azure Cloud Explorer

Highlights of  Azure Cloud Explorer Azure Services: Azure Blob Storage Cost: Free of use How it is delivered: Installer Top 3 features:      #1 Looks and feel like File Explorer      #2 Drag and drop functionality      #3 Integrated with local file storage Pain points:      #1 Lack of support for virtual directories (e.g. OneDrive)      #2 Linux support      #3 Hard to find download link using search engine Download URL: https://monzacloud.com/azure-cloud-explorer/ Credits: Monza Cloud
First time when I discovered these tools was a few months ago. I was looking for a method for copying data from Azure Blob Storage to the local disk for non-technical people. Imagine that you need to share content with somebody from HR knows to use only Office and Windows. For them, a tool that looks like Windows File Explorer is perfect. The first thing that impressed me at the tools what the similarities with File Explorer. The initial look and feel are almost the same. As you can see below the icons, the pos…

How to guarantee the order in which the messages are processed inside AWS MQ and Azure Service Bus (FIFO on the consumer)

In the last post, we talk about queues where the ordering of messages are guaranteed (FIFO). Even if we have messaging services where FIFO is guaranteed at queue level, this is not enough to ensure that we consume the messages in the order they were added to the queues. The challenge for a queue that offers a FIFO is the number of consumers that could be in parallel. To guarantee that the FIFO is fully respected on the consumer side you need to have only ONE consumer or to assume that there are no exceptions or errors that can occur on the consumer side while a message is consumed. The flavour related to how the FIFO is defined as functionality inside a queue service is between ‘delivery guarantee’ and ‘guaranteeing message delivery in the same order that they were pushed’. It is not the same to have a system that guarantees the FIFO for message delivery vs the order in which the messages are processed. In the end, with a FIFO that guarantee the message delivery, if you have only one c…

FIFO and queues inside AWS and Azure

Nowadays, most of the systems that are running inside a cloud provider like AWS or Microsoft Azure are using in one way or another a messaging system. Many people forget that not all the time a queue guarantee FIFO.
Things are becoming more sophisticated, at the moment in time when you integrate the queue with other systems. You might realise that even if your queue is supporting FIFO, the integration with other cloud services will not enable you to use queue with FIFO guarantee. Because of this, I decided to write this short blog post that highlights things that might go wrong when you need a FIFO inside AWS or Microsoft Azure and how you could tackle them.
AWS and FIFO At this moment in time (January 2020) the AWS services that manage messages are: AWS SQSAWS MQAWS SNS (simple event/message routing solution)
NOTE: We don’t take into consideration AWS Kinesis and AWS IoT Message Broker because they are more specific for events handling and IoT solutions. From the above list, AWS SQS h…