Microservices (overview)

The intentions behind Microservices is to loosely couple specific areas of a software solution. e.g. Web UI, Identity, Pricing etc.

A Microservices solution allows for a clear split in development work and teams, this facilitates faster development cycles and deliveries.

Each service is autonomous and can be developed in the most appropriate language using frameworks and patterns specific to that service.

Each micro service can be scaled (memory, CPU etc.) depending on their requirements.

Downsides include network latency and can often be difficult to debug.

Azure Key Vault

Location for storing connection strings, x509 certificates and other application secrets. Permissions by default are restricted. To modify from ARM, permissions will need to be applied implicitly and can be done on Key Vault creation.

Each key vault has its own usage metrics to see who and what applications have accessed an individual secret.

Using ARM deployment we can reference any secrets using parameters to provide the Reference Id of the Key Vault and the Secret’s name.

The Key Vaults main features are to limit access to sensitive data (by keeping them away from the source code) and audit access for those that do.

Azure Resource Management (ARM) Templates

Using Visual Studio we can create a Resource Group Project that will manage the configuration and deployment of a Resource Group. Creating this type of project (from template) will generate several default configuration properties in addition to a PowerShell script for Azure deployment.

The default project includes several alerts and application insight configuration in addition to the basic requirements for a Resource Group.

Using Visual Studio, resources can be added to the configuration file to add additional resource based functionality and overrides e.g. The website configuration can be modified to alter AppConfig settings, these can be added or modified as desired.