// Cloud Architecture

DDoS attacks have scaled to cloud-level volumes — terabits per second — that on-premises hardware simply cannot absorb. In this episode, Chris is joined by Cam Adams, an engineering manager from Brisbane, Australia, who shares first-hand experience helping customers across Asia-Pacific defend against distributed denial-of-service attacks using Azure. Whether workloads are fully in the cloud, in a hybrid state, or entirely on-premises, Cam explains how Azure can act as a scalable, cloud-powered defensive layer — and why the time to act is before an attack hits, not after.

Chris is joined by Christos Matskas — former Microsoft Premier Field Engineer, developer tools evangelist, and .NET identity expert — for a deep-dive into modern identity patterns in the cloud. They cut through the confusion between Azure AD, Azure AD B2B, Azure AD B2C, and External Identities, explain why the network perimeter is no longer your security boundary, and make the case for letting battle-hardened libraries like MSAL do the heavy lifting rather than rolling your own auth. From eliminating secrets in ARM templates to Zero Trust principles, this episode lays a practical foundation for securing any cloud application.

Building cloud integration solutions means choosing the right messaging and eventing tools — and understanding the critical difference between an event and a message. In this episode, Chris is joined by Ezhilarasi Chezhiyan, Technical Lead at Serverless360 (Kovai.co), to explore Azure's serverless integration landscape: Logic Apps, Azure Functions, Service Bus, Event Grid, and Event Hubs. The discussion covers cloud design patterns including queue-based load leveling, competing consumers, dead letter queues, retry policies, and circuit breakers — plus the observability gap that tools like Serverless360 fill when Azure Monitor falls short for business-level monitoring.

Moving to Azure? Security has to come first. Chris is joined by cybersecurity expert Andrew Nathan to explore how organisations can build a strong security posture in the cloud — covering Azure Security Center and Secure Score, identity strategy (Azure AD vs. Azure RBAC), multi-factor authentication, threat modelling, Azure Policy and Management Groups for governance, and the evolution of security operations into red team/blue team war gaming. Whether you're starting your cloud journey or course-correcting an existing environment, this episode will help you understand where to begin and how to keep improving over time.

Hybrid cloud is no longer just a transitional state between on-premises and public cloud — for many enterprises, it is the end state. Chris is joined by Thomas Maurer, Senior Cloud Advocate at Microsoft, to explore how Azure Arc, Azure Stack Hub, Azure Stack HCI, and Azure IoT Edge help organisations run workloads wherever they make sense: from data centres and factory floors to the network edge and other cloud providers.

APIs are the connective tissue of modern cloud architectures — but poor API design compounds into technical debt that is expensive to unwind. In this episode, Chris Reddington and Peter Piper explore the full lifecycle of API design: defining versioning contracts up front, modernising legacy APIs using the Strangler and Façade patterns, and securing APIs with JWT tokens, OAuth 2.0, and OIDC. They also cover Azure API Management patterns, circuit breakers, throttling, key rotation with Azure Key Vault, and the DevSecOps practices that keep an API estate healthy at scale.

Moving to the cloud shifts infrastructure spend from capital expenditure (CapEx) to operational expenditure (OpEx)—but only if you think about cost correctly from the start. This episode covers the cloud cost mindset: right-sizing, auto-scaling (scale out vs scale up), compute resource consolidation, governance through resource tagging and policy, pricing calculators, reserved instances, and how to build cost awareness into your architecture from day one.

Every cloud project starts with requirements. In this episode, Chris explores the critical pillars of cloud architecture: resilience (SLA, RTO, RPO, MTTR, MTBF), scalability, performance, and cost. Learn why defining requirements upfront—before drawing architecture diagrams—is essential, and how the same on-premises thinking about availability translates directly into the cloud.

Choosing the wrong Azure compute service leads to mismatched scaling behaviour, cost overruns, and avoidable management overhead. This Azure Mythbusters episode compares App Service, App Service Environment, Container Instances, AKS, Service Fabric, Azure Batch, Azure Functions, Logic Apps, Virtual Machines, and VM Scale Sets — highlighting decision factors such as stateful versus stateless workloads, latency requirements, compliance needs, and auto-scale granularity.

Cloud design patterns are abundant and well-documented on the Azure Architecture Center — from established patterns like cache-aside and materialized view to cloud-native ones like circuit breaker and health endpoint monitoring. This Azure Mythbusters episode tours the full pattern catalogue and deep-dives four key patterns: cache-aside, circuit breaker (open/half-open/closed states), health endpoint monitoring, and materialized view in CQRS/event sourcing scenarios.