Azure Bastion On-demand

Azure Bastion is a fantastic service for securely accessing virtual machines deployed in Azure, relying on the capabilites of Azure AD and the Azure portal like Multi-Factor Authentication. In terms of cost, it isn't prohibitive for an organization that needs such a capability. However, when you're working in a significantly constrained subscription for the purposes … Continue reading Azure Bastion On-demand


Embrace at Least Some of Immutable Infrastructure

With respect to immutability, the first exposure many folks in technology experience with with arrays. An array is a contiguous space of memory for elements of the same time to be groups together. We can quickly read the element because they're accessed sequentially. However, this adjacency limits our ability to expand because any new elements … Continue reading Embrace at Least Some of Immutable Infrastructure

First Thoughts on Azure Terrafy

There has been a lot of buzz related to Azure Terrafy lately with presentations at HashiConf Global and videos from Ned Bellavance. I have always had rather tempered expectations of the tool with good reason and my recent experience cemented my initial thoughts. Limitations The tool is not going to turnaround and generate elegant HCL … Continue reading First Thoughts on Azure Terrafy

Why Do We Write Terraform Modules?

I am often in a privileged position to watch people develop their skills based on the roles I am in. With respect to Terraform, I see folks learn the basics where they're hard coding values into all of the resource properties, then they move on to using input variables, and so on. Another interesting inflection … Continue reading Why Do We Write Terraform Modules?

Authentication with Terraform

When following tutorials out there on Terraform, a consistent approach seems to be passing in authentication secrets through variables: provider "azurerm" { features {} subscription_id = var.subscription_id client_id = var.client_id client_secret = var.client_secret tenant_id = var.tenant_id } This is a very low friction way to handle authentication when first beginning with Terraform because the overall … Continue reading Authentication with Terraform

Cloud Lessons Learned from Tesla AI Day

When considering cost management strategies for cloud, "right sizing" is a frequent strategy employed so that a workload has just the right number of resources for the task at hand. There is some immediate intuitive understanding that follows this statement. However, this exercise is one of the follies of what people often attribute to the … Continue reading Cloud Lessons Learned from Tesla AI Day

Creating a Git Repo with Terraform In Mind

Creating a Git repository is an easy enough task: mkdir my-new-repo cd my-new-repo git init If this is just a local repository, you might be safe to just start using it. However, if there is any chance that this repository is going to be stored in a platform, whether it is public or private, it … Continue reading Creating a Git Repo with Terraform In Mind

Memoization and DRY

I just created an example Python repository, better_memoization, for applying the DRY (Don't Repeat Yourself) principle to some code I found demonstrating memoization. What is Memoization? Memoization is a practice of storing previously calculated iterations of recursive function in a memory cache. Instead of calculating the results every time, cached results are returned when available. … Continue reading Memoization and DRY