Azure Bastion is a fantastic service for securely accessing virtual machines deployed in Azure, relying on the capabilites of Azure AD and the Azure portal like Multi-Factor Authentication. In terms of cost, it isn't prohibitive for an organization that needs such a capability. However, when you're working in a significantly constrained subscription for the purposes … Continue reading Azure Bastion On-demand
With respect to immutability, the first exposure many folks in technology experience with with arrays. An array is a contiguous space of memory for elements of the same time to be groups together. We can quickly read the element because they're accessed sequentially. However, this adjacency limits our ability to expand because any new elements … Continue reading Embrace at Least Some of Immutable Infrastructure
There has been a lot of buzz related to Azure Terrafy lately with presentations at HashiConf Global and videos from Ned Bellavance. I have always had rather tempered expectations of the tool with good reason and my recent experience cemented my initial thoughts. Limitations The tool is not going to turnaround and generate elegant HCL … Continue reading First Thoughts on Azure Terrafy
I am often in a privileged position to watch people develop their skills based on the roles I am in. With respect to Terraform, I see folks learn the basics where they're hard coding values into all of the resource properties, then they move on to using input variables, and so on. Another interesting inflection … Continue reading Why Do We Write Terraform Modules?
When following tutorials out there on Terraform, a consistent approach seems to be passing in authentication secrets through variables: provider "azurerm" { features {} subscription_id = var.subscription_id client_id = var.client_id client_secret = var.client_secret tenant_id = var.tenant_id } This is a very low friction way to handle authentication when first beginning with Terraform because the overall … Continue reading Authentication with Terraform
When considering cost management strategies for cloud, "right sizing" is a frequent strategy employed so that a workload has just the right number of resources for the task at hand. There is some immediate intuitive understanding that follows this statement. However, this exercise is one of the follies of what people often attribute to the … Continue reading Cloud Lessons Learned from Tesla AI Day
I have noticed a disturbing trend within the Terraform community beginning with Yevgeniy Brikman’s, “Terraform Up & Running,” although it could predate the material. Monorepos! I don’t recall if Brikman called them monorepos, or anything for that matter, I just recall the practice.
I should probably qualify that statement a bit. A common term used in the Agile (Scrum) methodology is the “sprint”. It is an interval of time planned to complete some defined amount of work. The use of this term with respect to Agile is dumb. Why? The purpose of the Agile methodology is organize around … Continue reading Sprints Are Dumb
Creating a Git repository is an easy enough task: mkdir my-new-repo cd my-new-repo git init If this is just a local repository, you might be safe to just start using it. However, if there is any chance that this repository is going to be stored in a platform, whether it is public or private, it … Continue reading Creating a Git Repo with Terraform In Mind
I just created an example Python repository, better_memoization, for applying the DRY (Don't Repeat Yourself) principle to some code I found demonstrating memoization. What is Memoization? Memoization is a practice of storing previously calculated iterations of recursive function in a memory cache. Instead of calculating the results every time, cached results are returned when available. … Continue reading Memoization and DRY
Dustin Dortch 