Photo by Damir Spanic on Unsplash

I’ve never really taken to ARM templates on Azure, they feel fiddly and don’t read overly well. Even an ARM template generated from the Azure Portal is pretty horrific and in my opinion, has been a major negative for Azure for several years. For those reasons, my go-to for Azure Infrastructure as Code has always been Terraform, and although I still prefer the YAML defined CloudFormation templates on AWS, Terraform’s HCL is a pretty close second contender.

So what is Bicep? Microsoft claims:

Bicep is a Domain Specific Language (DSL) for deploying Azure resources declaratively. It aims to drastically simplify…


Photo by chepté cormani from Pexels

DNS is one of the cornerstones of the internet, translating words we know as domain names into the combination of numbers we know as IP addresses. The process of registering a domain, pointing it to your chosen DNS providers’ nameservers and then setting up your DNS records has remained mostly the same since inception. Without DNS we’d be stuck remembering combinations of IP addresses to visit our favourite websites.

In 2010, AWS introduced their flavour on DNS by releasing a service called Route 53. Route 53 includes all the usual DNS functionality, along with more advanced features such as alias…


Photo by bongkarn thanyakij from Pexels

Staff working from home can present challenges for organizations, especially for those who have been forced into fast-tracking these arrangements due to the COVID-19 virus. IT departments around the world are scrambling to implement ways to enable their colleagues to work remotely and helping keep the lights on for their employers. Thankfully, the cloud has been the new normal for around 90% of organizations in some way or form for the last few years. …


Photo by Andres Urena on Unsplash

A couple of months back I came across a tweet from @freezydorito. She had found an unsecured API on her TV and was trying to build an Alexa Skill to utilize the API and control the TV by voice.

I’m a huge fan of devices controlled by voice — our house has multiple Amazon Echos and is fitted out with Philips Hue lighting in every room, using voice has become second nature. …


A few months back I wrote about Multi-Cloud Architectures for the Enterprise: Part 1; summarized, it was an example of how you could connect AWS, Azure and On-Premise using IPSec VPNs. Part 2 was intended to talk about platform services, however, after a few months working with Azure outside of my sandbox environment and seeing what some of the clients I work with are doing, I thought I’d pivot a little and talk about the big three cloud providers and provide my opinions on how they can co-exist and complement each other.

AWS


Photo by zahid lilani from Pexels

These days, many enterprises are opting for a multi-cloud strategy. At my previous employer, I’d worked with AWS for 10 years, I’ve just recently moved into a new role with a Microsoft partner who naturally recommends Azure for a lot of workloads (even though AWS claim they are the better platform for Windows workloads) — I still love and prefer AWS.

For enterprises, running multiple workloads across different cloud providers may be for a number of reasons; some voluntary or to take advantage of a larger feature set, others because of legislated compliance or risk mitigation strategies. The workloads can…


Photo by Tomáš Malčo Malík from Pexels

I’ve been using the Serverless Framework for around 2 years now. I not only use it for deploying Lambda functions and APIs, complete sets of infrastructure too and prefer it to AWS’ SAM. Although under the hood it mostly uses CloudFormation (like SAM), the way it orchestrates packaging of code for Lambda, then joining the dots automatically for API Gateway (and other event sources) makes deploying serverless applications incredibly simple.

More recently, AWS has been making waves with Amplify, which has made deploying applications end to end very simple by asking what you want to do, such as adding hosting…


Photo by Max Duzij on Unsplash

For the last few years many of the projects I’ve worked on have utilized TeamCity for CI/CD, however, more recently I’ve made a point to build new CI/CD Pipelines using AWS Code Pipeline. As part of some other changes to one of the projects I’d been working on, I determined we should migrate that pipeline away from TeamCity to CodePipeline also.

TeamCity is a great tool, but there are a few reasons why I’ve been moving projects from TeamCity to CodePipeline:

  • We had to manage the underlying EC2 servers, keeping the dependencies up to date and common between servers started…


Like everything on AWS, there are multiple ways to achieve similar outcomes. Recently I wrote an article about setting up SSO into your AWS Accounts using SAML — specifically ADFS. Although most larger or established companies utilize Active Directory for authentication, smaller companies or startups may choose not to so they don’t have to worry about yet another tool or system to manage. So what options are there if you still want to utilize a centralized login system? One of those options is AWS SSO, which also happens to be a free service.

Getting Setup

Before you get started, note down AWS…


Security of your AWS accounts is important, it doesn’t just protect client data but also can affect the availability of your applications. Especially so when it comes to production workloads where you need to be absolutely sure who has been granted access to an account, what levels of permission they have and be able to manage users at an organizational level instead of in each independent system. No matter how many policies and processes you put into place, someone always ends up sharing an access or secret key when they shouldn’t have! …

Gavin Lewis

Passionate about building and delivering solutions in the Cloud! Senior Cloud Architect @ Rapid Circle. Views are my own.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store