Posts

Azure Web Application Firewall(WAF) - Overview

Image
Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection of our web applications from mundane exploits and susceptibilities. Commonly known vulnerabilities are SQL injection, cross-site scripting, and more... The below architecture diagram describes how Application Gateway avails in routing different websites with different domains hosted on different servers from the same Application Gateway and how the requests can be filtered and accepted/blocked predicated on the type of traffic.  Application Gateway operates as an application delivery controller (ADC). It offers Convey Layer Security (TLS), termination, cookie-predicated session affinity, round-robin load distribution, content-predicated routing, faculty to host multiple websites, and security enhancements. Application Gateway security enhancements include TLS policy management and end-to-end TLS support. Application security is fortified by WAF integration into the Application Gateway. The

Azure -Serverless web application -Architecture

Image
Today we will discuss the serverless web application, with the help of reference architecture. The application serves static content from Azure Blob Storage and implements an API utilizing Azure Functions. The API reads data from Cosmos DB and returns the results to the web app. The term serverless has two distinct but cognate denotements: Backend as a service (BaaS):  Back-end cloud services, such as databases and storage, provide APIs that enable client applications to connect directly to these services. Functions as a service (FaaS):  In this model, a "function" is a piece of code that is deployed to the cloud and runs inside a hosting environment that plenarily abstracts the servers that run the code. The conception is that developers and DevOps personnel don't require to deploy, configure, or manage servers. This reference architecture fixates on FaaS utilizing Azure Functions, although serving web content from Azure Blob Storage could be an example of BaaS. Function

AWS Secret Manager Service as application properties with Spring boot

Image
Secrets Manager enables us to supersede hardcoded credentials in our code, including passwords, with an API call to Secrets Manager to retrieve the secret programmatically . These avails ascertain the secret can't be compromised by someone examining our code, because the secret no longer subsists in the code. Withal, we can configure Secrets Manager to automatically rotate the secret for us according to a designated schedule. This enables us to supersede long-term secrets with short-term ones, significantly abbreviating the peril of compromise. Overview 1. The admin creates a new secret in AWS Secrets Manager 2. A Spring Boot application uses the secret name to access the secrets stored in AWS Secrets Manager Step 1: Create & Store secrets in AWS Secret Manager. Use the AWS Console to create and store a new secret in AWS Secrets Manager.  Link Step 2:  Add the below dependency to the pom.xml file. <dependency> <groupId> com.amazonaws </groupId> <art

Logs Monitoring in Microservices using EFK - Architecture

Image
The EFK Stack is an amassment of three open-source products — Elasticsearch, Fluentd, and Kibana. EFK stack provides centralized logging in order to identify quandaries with servers or applications. It sanctions us to search all the logs in a single place. It withal avails to find issues in multiple servers by connecting logs during a concrete time frame. The EFK stack provides a simple yet robust log analysis solution for our developers and DevOps engineers to gain valuable insights on failure diagnosis, application performance, and infrastructure monitoring. Modern log management and analysis solutions include the following capabilities: Aggregation  – the facility to accumulate and ship logs from multiple data sources. Processing  – the faculty to transform log messages into consequential data for more facile analysis. Storage  – the faculty to store data for elongated time periods to sanction for monitoring, trend analysis, and security use cases. Analysis  – the faculty to dissect

Deploying Java Microservices on Azure Kubernetes Service(AKS) - Architecture

Image
Azure Kubernetes Service is a managed container orchestration service based on the open-source Kubernetes system. Azure Kubernetes Service is used to handle critical functionality such as deploying, scaling and managing Docker containers and container-based applications. Architecture   Data Flow: A developer makes changes to the Spring web application source code. Git is the distributed version control system. The code change is committed to a source control repository, such as BitBucket To commence the continuous integration (CI) process, a BitBucket webhook triggers a Jenkins project build. The Jenkins build job utilizes a dynamic build agent in Azure Kubernetes Service to perform a container build process. A container image is engendered from the code in source control and is then pushed to an Azure Container Registry. Through continuous deployment (CD), Jenkins deploys this updated container image to the Kubernetes cluster. Azure Active Directory is used to secure access to the res

JVM [Java Virtual Machine] - Architecture

Image
Java Virtual Machine (JVM) is a designation that provides a runtime environment in which java bytecode can be executed. As the denomination implicatively insinuates, the JVM acts as a “virtual” machine or processor. Java's platform independence consists mostly of its Java Virtual Machine (JVM). JVM is a component of the Java Run Environment (JRE). In other programming languages, the compiler engenders machine code for a particular system. However, the Java compiler engenders code for a Virtual Machine known as Java Virtual Machine.   The JVM performs the following operation: Loads code Verifies code Executes code  Here is how JVM works First, Java code is compiled into bytecode. This bytecode gets interpreted on different machines. Between the host system and Java source, Bytecode is an intermediary language.JVM in Java is responsible for allocating memory space. JVM Architecture JVM architecture in Java contains classloader, memory area, execution engine, etc.