TWIL: July 24, 2022
These past two weeks, my focus has been on designing solutions based on Azure API Management and other Azure services that are used together with it. I also highlight a set of podcast episodes, like the last episode from Dot Net Rocks about C# 11. Great stuff!
Episode 1802: Measuring DevSecOps with Victoria Almazova
How do you measure how secure your application is? While at NDC London, Carl and Richard chatted with Victoria Almazova about her work around measuring DevSecOps. Victoria talks about making security part of the DevOps cycle, which is part of every build and measured constantly. The conversation moves to traditional penetration testing and the challenges of incorporating security improvements into applications. But what if your security efforts shifted to the left and became part of your development practice? Then there would be fewer fixes to make!
Episode 1803: Building C# 11 with Kathleen Dollard
What features do you want to see in C# 11? Carl and Richard chat with Kathleen Dollard about the work being done to the latest version of C# so far. But first – what about VB.NET? Starting with a question from a listener, Kathleen clarifies Microsoft plans for VB.NET – it’s never going away! Then into the feature list of C# 11, including new generic math, static interfaces, initialization features, pattern matching, and more!
Episode 431: Azure Platform-as-a-Service (PaaS)
We chat with Nir Mashkowski, Principal PM Manager, about the evolution of PaaS since its inception 10+ years ago, some of the usage patterns that he has observed, the benefits and reasoning of using PaaS services, and the future of where Azure PaaS services is headed.
Episode 849: The future of supply chain with Ox’s CEO Charu Thomas
Ox optimizes fulfillment operations by automating manual tasks and increasing workforce efficiency. Ox’s CEO Charu Thomas started thinking about this space in college and then ended up founded a company in Northwest Arkansas! As a second-year undergraduate, Charu took her concept to Thad Starner, a professor in Georgia Tech’s College of Computing, who also was the technical lead/manager for Google Glass. The resulting research won the Best Paper Award at the 2018 ACM (Association for Computing Machinery) International Symposium on Wearable Computers.
Azure API Management
Most of my learning this week was around Azure API Management, so here are a few of the contents I’ve been reading to become up-to-speed with this product.
Azure API Management landing zone accelerator
The Azure API Management landing zone accelerator provides an architectural approach and reference implementation to prepare landing zone subscriptions for a scalable API Management infrastructure. The implementation adheres to the architecture and best practices of the Cloud Adoption Framework’s Azure landing zones with a focus on the design principles of enterprise-scale.
Automate API deployments with APIOps
APIOps applies the concepts of GitOps and DevOps to API deployment. By using practices from these two methodologies, APIOps can enable everyone involved in the lifecycle of API design, development, and deployment with self-service and automated tools to ensure the quality of the specifications and APIs that they’re building.
Policies in Azure API Management
In Azure API Management, API publishers can change API behavior through configuration using policies. Policies are a collection of statements that are run sequentially on the request or response of an API. Policies are applied inside the gateway between the API consumer and the managed API. While the gateway receives requests and forwards them, unaltered, to the underlying API, a policy can apply changes to both the inbound request and outbound response.
API Management policy reference
This section provides links to reference articles for all API Management policies. Policies are grouped into the following categories: access restriction policies, advanced policies, authentication policies, caching policies, cross-domain policies, dapr integration policies, transformation policies and validation policies.
Azure API Management Terraform Provider
Documentation on the Terraform provider for Azure API Management resources.
Observability in Azure API Management
Observability is the ability to understand the internal state of a system from the data it produces and the ability to explore that data to answer questions about what happened and why. Azure API Management helps organizations centralize the management of all APIs. Since it serves as a single point of entry of all API traffic, it is an ideal place to observe the APIs.
Tutorial: Monitor published APIs
With Azure Monitor, you can visualize, query, route, archive, and take actions on the metrics or logs coming from your Azure API Management service. You can also use API Management’s built-in analytics to monitor the usage and performance of your APIs.
How to log events to Azure Event Hubs in Azure API Management
Azure Event Hubs is a highly scalable data ingress service that can ingest millions of events per second so that you can process and analyze the massive amounts of data produced by your connected devices and applications. This article describes how to log API Management events using Azure Event Hubs.
How to integrate Azure API Management with Azure Application Insights
You can easily integrate Azure Application Insights with Azure API Management. Azure Application Insights is an extensible service for web developers building and managing apps on multiple platforms.
Have an awesome week!