33 - External Config and Claim Check Pattern - Easier Management and Externalising Payloads

2021-04-02

Chris and Peter explore two cloud design patterns that address everyday operational challenges in cloud application development.

External Configuration Store — The core principle is simple: never store secrets, connection strings, or environment-specific configuration in source code. Azure Key Vault and Azure App Configuration are the go-to implementations in the Azure ecosystem. The episode covers deployment slot behaviour, the risks of accidentally committing credentials to version control history, and why even “temporary” hardcoded values create lasting security exposure. App Service and Azure Functions application settings are also framed as a form of external config store, with important caveats.

Claim Check Pattern — When message payloads exceed the size limits of your messaging infrastructure (e.g. Azure Service Bus or Azure Queue Storage), externalise the payload to a separate data store and pass only a correlation ID on the queue. Consumers retrieve the full payload when ready for processing. The pattern supports asynchronous workflows involving systems like ERP billing, provisioning, shipping, and invoicing pipelines. Azure Event Grid provides automatic claim check generation out of the box. Considerations include TTL (when to purge stored payloads), dead-letter handling for poisoned messages, and the added latency of traversing an additional data store.
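The Claim Check flow described above, as an added sketch that is not code from the episode or from any Azure SDK. The in-memory store, queue and dead-letter list, the class and method names, and the size limit and TTL values are all constructed for illustration. The SHA-256 digest carried on the queue is an assumption that goes beyond the episode notes, added so a payload altered in the store is dead-lettered instead of processed.

```python
import hashlib
import time
import uuid

MAX_MESSAGE_BYTES = 256      # constructed broker size limit for this demo
PAYLOAD_TTL_SECONDS = 3600   # constructed retention window for stored payloads

class ClaimCheckBus:
    """In-memory stand-ins for the payload store, the queue and the dead-letter queue."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.store = {}        # claim_id -> (payload, expires_at)
        self.queue = []        # messages small enough for the broker
        self.dead_letter = []  # (message, reason) pairs kept for investigation

    def send(self, payload: bytes) -> dict:
        if len(payload) <= MAX_MESSAGE_BYTES:
            msg = {"inline": payload}
        else:
            claim_id = str(uuid.uuid4())
            self.store[claim_id] = (payload, self.clock() + PAYLOAD_TTL_SECONDS)
            # The digest travels on the queue, so a payload changed in the
            # store after sending is detected when the claim is redeemed.
            msg = {"claim_id": claim_id, "sha256": hashlib.sha256(payload).hexdigest()}
        self.queue.append(msg)
        return msg

    def receive(self):
        """Return the next payload, or None if the message was dead-lettered."""
        msg = self.queue.pop(0)
        if "inline" in msg:
            return msg["inline"]
        entry = self.store.get(msg["claim_id"])
        if entry is None or entry[1] <= self.clock():
            return self._reject(msg, "payload missing or expired")
        if hashlib.sha256(entry[0]).hexdigest() != msg["sha256"]:
            return self._reject(msg, "payload digest mismatch")
        return entry[0]

    def _reject(self, msg, reason):
        self.dead_letter.append((msg, reason))
        return None

    def purge_expired(self) -> int:
        expired = [k for k, (_, exp) in self.store.items() if exp <= self.clock()]
        for k in expired:
            del self.store[k]
        return len(expired)
```

Stored payloads are removed only by `purge_expired`, so the TTL has to outlast the slowest consumer or valid messages will end up in the dead-letter list.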

Both patterns share a security thread: treat compromised configuration stores and poisoned messages as first-class operational risks that require a defined incident response model.

Related Content

5 - The API Economy

2020-04-25

APIs are the connective tissue of modern cloud architectures — but poor API design compounds into technical debt that is expensive to unwind. In this episode, Chris Reddington and Peter Piper explore the full lifecycle of API design: defining versioning contracts up front, modernising legacy APIs using the Strangler and Façade patterns, and securing APIs with JWT tokens, OAuth 2.0, and OIDC. They also cover Azure API Management patterns, circuit breakers, throttling, key rotation with Azure Key Vault, and the DevSecOps practices that keep an API estate healthy at scale.

26 - The Pub Sub, Priority Queue and Pipes and Filter Patterns

2021-02-12

Chris Reddington and Will Eastbury cover three closely related messaging patterns in one packed episode. They start with the Publish-Subscribe (Pub/Sub) pattern — arguably the most transformative shift in enterprise messaging — where a single producer broadcasts to multiple isolated subscribers via Azure Service Bus topics or Azure Event Grid. Real-world use cases include insurance aggregators, credit check pipelines, and bank account sign-up workflows. From there they move to the Priority Queue pattern, which ensures high-priority messages are processed before lower-priority ones even when consumers are under load. Finally, the Pipes and Filters pattern decomposes complex message processing into a chain of discrete, reusable transformation steps — reducing complexity and enabling independent scaling of each stage. The episode also connects these patterns back to earlier topics like Competing Consumers and Queue-Based Load Leveling, and flags related patterns including Choreography and Compensating Transactions.

21 - The Queue Based Load Levelling and Competing Consumers Pattern

Do you have an application with specific scalability and continuity-of-service requirements? What happens when traffic spikes dramatically — think a major concert or FIFA World Cup ticket sale crashing a site? In this Architecting for the Cloud episode, Chris and Will Eastbury walk through three closely related patterns: Queue-Based Load Levelling, Competing Consumers, and the Asynchronous Request-Reply pattern. They explore how message queues act as shock absorbers for traffic spikes, how competing consumers enable elastic horizontal scaling, and how async request-reply lets you retrofit these patterns into existing architectures with minimal disruption. Key trade-offs covered include queue depth limits, Azure Service Bus configuration, distributed tracing with Application Insights, and when the added complexity genuinely justifies reaching for these patterns.