Endpoints are a critical aspect of securing your resources in the cloud. When using Azure PaaS services, it is important to understand the differences between the two types of endpoints available in Azure: service endpoints and private endpoints.
Service endpoint:
A service endpoint is a way of extending your virtual network’s private address space to Azure services over the Azure backbone network. When a service endpoint is enabled, traffic between your virtual network and the Azure service of your choice stays on the Azure backbone network, rather than going over the public internet. This provides better security and performance for your resources.
Identity and Access Management (IAM) is a framework of policies and technologies to ensure that the right people or machines can access the right assets or resources.
Identity:
In this digital age, an identity can be either a human (user), a software component (application) or a hardware component (computer, mobile or IoT device). Just like any identity document in the real world, identities serve as a way to authenticate and authorize access to assets and resources.
Azure operations can be divided into 2 categories:
Control plane (or management plane) - used to manage resources in Azure subscriptions, e.g. creation of a virtual machine or a storage account.
All requests for control plane operations are sent to the Azure Resource Manager URL. For Azure global, the URL is: https://management.azure.com
Data plane - used to manage capabilities exposed by instances of resource types, e.g. using Remote Desktop Protocol (RDP) to interact with a virtual machine, or reading/writing data in a storage account.
Requests for data plane operations are sent to an endpoint specific to the instance of the resource type, e.g. https://myname.blob.core.windows.net
I recently read the book “Making Work Visible” by Dominica DeGrandis, which explains how to facilitate work organization by making it visual. It also neatly explains some recurrent problems which corporations overlook while designing work processes - the time thieves. The 5 time thieves prevent getting work done efficiently and can be identified (and minimized) when work is surfaced visually.
The 5 time thieves or categories of problems are:
Too much Work in Progress - this usually happens when demand exceeds the capacity of the team. Too much work in progress (WIP) leads to context switching, decreases the quality of items, and makes things take longer to finish overall. WIP is a leading indicator of cycle time. The fact that excess demand has an impact on delivery is explained neatly by queuing theory - Little’s Law.
Agile projects come with their own challenges. While the tech industry has increasingly adopted agile, practical experience with agile methods is not always available. Certain consultancies and third parties have made a roaring business out of the agile coaching usually solicited by corporations while embarking on agile transformations. In many cases, the corporations did not have a system of follow-up, and in others the consultants did not help adapt the frameworks to the specific case at hand. In the end, teams end up without understanding the agile values and the “whys” of using agile, and focus on ceremonies like the stand-up meeting or having a kanban board. Along with misconceptions and lack of clarity about the methods to be worked with, these are some of the main reasons I’ve seen agile projects fail.