// Azure

Chris recaps a JamStack blog post, an appearance on the MS How-To show covering cloud design patterns, and the gatekeeper and valet key patterns session on API security. He covers Azure updates including AKS automatic cluster upgrade channels and the Secret Store CSI driver for Azure Key Vault, Azure DevOps Delivery Plans 2.0 with YAML manual validation, Pulumi as an infrastructure-as-code tool supporting Python, TypeScript, and Go, and a comprehensive GitHub 2020 year-in-review.

Continuing the 'Architecting for the Cloud, one pattern at a time' series, Chris and Peter Piper explore two closely related cloud design patterns for securing APIs and backend resources. The Gatekeeper pattern positions a dedicated host between untrusted clients and trusted backend services — handling authentication, authorization, request validation, protocol translation, and rate limiting. The Valet Key pattern complements it by issuing short-lived, scope-restricted tokens (such as Azure SAS tokens) so clients can access specific resources directly, reducing load on central services without sacrificing security. The episode covers practical implementation options on Azure including API Management, Azure Key Vault, and Azure App Configuration.

When I mention the term JAMStack, I'm not pretending that I'm Paddington bear with a stack of Jam sandwiches! If you hadn't heard, JAMStack is a term that describes applications based on JavaScript, APIs and Markup. That means, we're referring to files that are content in nature. Think about files like HTML, CSS, Images, etc. Ok, now with that context - why has it risen in popularity? Surely this is something that could have been done for many years, so why now? My hypothesis... Cloud.

Chris announces his involvement with relaunching the Azure Thames Valley meetup, recaps the static content hosting pattern episode and his open source blog, and previews upcoming talks at AzureIsh Live and a SquaredUp webinar on application observability with Azure Monitor and App Insights. He covers Azure Updates including public IP SKU upgrades, built-in Azure Policy for NSG flow logs, GitHub's availability in Iran, the GitHub Enterprise Server 3.0 release candidate, and Docker Desktop integration with Azure Container Instances.

Serving static HTML, CSS, images, and JavaScript from a general-purpose web server wastes compute and money. The Static Content Hosting pattern offloads these assets to cloud storage—Azure Blob Storage, AWS S3, or GCP Storage—optionally fronted by a CDN for global performance and storage-tier scalability. This episode walks through the pattern, a real-world implementation with Hugo and Azure CDN, and the trade-offs to consider.

Chris covers channel updates for Cloud with Chris, including a new video on GitHub Codespaces and a blog series on open source contributions to Hugo themes. He highlights the Azure Updates RSS feed as an essential resource for tracking Azure service changes, and spotlights community contributors JonnyChipz, Sarah Lean (TechieLass), CloudFamily.info, and Richard Hooper (PixelRobots).

Chris launches the weekly vlog format with a recap of December 2020, including open source contributions to the Hugo Castanet theme and the start of a new community-focused Hugo theme project. He reviews Azure updates covering Azure Synapse Analytics GA and Microsoft BGP routing security improvements, highlights GitHub's DevSecOps tooling with CodeQL and Dependabot, and explains the new Azure DevOps service tag for network security groups.

Do you have an application with specific scalability and continuity-of-service requirements? What happens when traffic spikes dramatically — think a major concert or FIFA World Cup ticket sale crashing a site? In this Architecting for the Cloud episode, Chris and Will Eastbury walk through three closely related patterns: Queue-Based Load Levelling, Competing Consumers, and the Asynchronous Request-Reply pattern. They explore how message queues act as shock absorbers for traffic spikes, how competing consumers enable elastic horizontal scaling, and how async request-reply lets you retrofit these patterns into existing architectures with minimal disruption. Key trade-offs covered include queue depth limits, Azure Service Bus configuration, distributed tracing with Application Insights, and when the added complexity genuinely justifies reaching for these patterns.

Peter Piper joins Chris Reddington for another episode in the Architecting for the Cloud, One Pattern at a Time series. Building on the Façade and Strangler patterns, they explore three related cloud design patterns: the Anti-Corruption Layer (translating between legacy and modern domain models), Gateway Aggregation (collapsing multiple backend calls into a single client response), and Gateway Routing (layer-7 routing to decouple consumers from versioned backend services). Real Azure service examples — including API Management, Application Gateway, and Azure Front Door — are used throughout.

What if you stored not just the current state of your data, but every event that produced it? The Event Sourcing pattern captures the full history of changes as an append-only log — enabling audit trails, temporal queries, and history replay. Combined with Materialized Views for efficient read-side querying and CQRS for command/query separation, these three patterns form a cornerstone of modern event-driven architecture. Chris and Steph explore all three in this episode of Architecting for the Cloud.