Book Image

The Azure Cloud Native Architecture Mapbook

By : Stéphane Eyskens, Ed Price
Book Image

The Azure Cloud Native Architecture Mapbook

By: Stéphane Eyskens, Ed Price

Overview of this book

Azure offers a wide range of services that enable a million ways to architect your solutions. Complete with original maps and expert analysis, this book will help you to explore Azure and choose the best solutions for your unique requirements. Starting with the key aspects of architecture, this book shows you how to map different architectural perspectives and covers a variety of use cases for each architectural discipline. You'll get acquainted with the basic cloud vocabulary and learn which strategic aspects to consider for a successful cloud journey. As you advance through the chapters, you'll understand technical considerations from the perspective of a solutions architect. You'll then explore infrastructure aspects, such as network, disaster recovery, and high availability, and leverage Infrastructure as Code (IaC) through ARM templates, Bicep, and Terraform. The book also guides you through cloud design patterns, distributed architecture, and ecosystem solutions, such as Dapr, from an application architect's perspective. You'll work with both traditional (ETL and OLAP) and modern data practices (big data and advanced analytics) in the cloud and finally get to grips with cloud native security. By the end of this book, you'll have picked up best practices and more rounded knowledge of the different architectural perspectives.
Table of Contents (13 chapters)
Section 1: Solution and Infrastructure
Section 2: Application Development, Data, and Security
Section 3: Summary

Introducing cloud-native security

In light of what we have seen so far in previous chapters, we know that the cloud can help us develop and deploy solutions faster and at a better cost. However, that is only true if we also modernize the way that we secure our workloads. Cloud-native security relies on the Shift-Left principle, which consists of integrating security processes earlier in the life cycle of an asset. Considering security from the ground up prevents unexpected delays and surprises later, prior to the production deployment. However, this is easier said than done!

Often, we see developers (usually early adopters) and infrastructure engineers embracing this modernized way of working (with Infrastructure as Code (IaC)), while security remains organized in a traditional way (waterfall and reactive). Often, you must wait weeks, if not more, to have a firewall rule ticket request accepted and implemented. This way of working is the exact opposite of the Shift-Left mindset...