Category: Logging systems
Understanding microservices – Comparing Application Components
One of the goals of cloud computing is to provide cost-effective solutions that are dynamic and reliable. In Chapter 7, Designing Compute Solutions, we looked at several different components: containers, Kubernetes, Azure Functions, and Logic Apps. One of the key differences between these services and more traditional compute options, such as VMs, is the ability …
Understanding microservices – Comparing Application ComponentsRead More
Client certificates – Comparing Application Components
You can configure the Azure API gateway so that it requires a certificate when making calls. Whereas subscription keys are generated by you and can be quickly supplied, certificates provide greater security. However, the certificate must be generated by a certificate authority and securely provided to your consumers. But when security and control are of …
Client certificates – Comparing Application ComponentsRead More
Using API policies – Comparing Application Components
Azure API Management policies allow you to change how your APIs function and behave. Typical examples include rate-limiting responses, converting one format to another, such as XML to JSON, or even modifying the contents of the data returned. Azure API Management offers a range of built-in policies, or you can create custom ones. The following …
Using API policies – Comparing Application ComponentsRead More
Monitoring and optimizing your migration – Migrating Workloads to Azure
Azure has several opportunities for enhancing performance and security that you may not have used with your on-premises systems. It is also possible that your existing servers were underutilized or even overutilized, which can impact costs. Therefore, once migrated, you should monitor your workloads for performance trends, security enhancements, or cost optimizations. To support these …
Monitoring and optimizing your migration – Migrating Workloads to AzureRead More
Understanding migration options – Migrating Workloads to Azure
The next phase of the migration planning is to determine how your migrated services will be built. This may be a simple lift-and-shift of one VM to a new VM in Azure, or you may take the opportunity to modify the technologies you use. This part of the process is more than just technical decisions …
Understanding migration options – Migrating Workloads to AzureRead More
Assessing on-premises systems – Migrating Workloads to Azure
In the previous chapter, we examined Azure storage use, looking at the different types available, including their benefits, and how to secure them. In this chapter, we will focus on migrating workloads from on-premises systems into Azure. The process starts with an analysis of your current environment. We will discuss the areas you must consider, …
Assessing on-premises systems – Migrating Workloads to AzureRead More
Encryption – Exploring Storage Solutions
All storage accounts in Azure are encrypted by Storage Service Encryption (SSE) using a 256-bit Advanced Encryption Standard (AES) cipher. This makes Azure storage FIPS 140-2 compliant. Important note FIPS 140-2 is a US government security standard for the approval of cryptographic processes. By default, the keys used to encrypt the storage are managed by …
Authorization – Exploring Storage Solutions
The next layer of protection ensures the person or application trying to access the data is authorized to. There are several different mechanisms in which to achieve this. RBAC Using RBAC, we can ensure a user or other type of identity (such as a managed identity or service principal) is authorized to perform a task …
Designing storage security – Exploring Storage Solutions
Protecting your data is a crucial consideration with any storage mechanism. Luckily, security is at the heart of Azure components, and storage solutions implement various protection levels by default. We will take a look at the different security options for Cosmos DB and Azure SQL in Chapter 12, Creating Saleable and Secure Databases. In this …
Designing storage security – Exploring Storage SolutionsRead More
Logging systems – Exploring Storage Solutions
Many applications and systems emit logging information that can be used for performance or diagnostics analysis. This type of data is typically a combination of structured and semi-structured data – but not always. This log data can be sent out in many different ways and from numerous sources, such as applications, VM operating systems, and …